Vulnerability in Microsoft Windows
CVE-2016-9415
MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows allow remote attackers to overwrite arbitrary CSS files via vectors related to "style import."
EPSS: 0.019 (76.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N.
Affected products
- Microsoft Windows
- Mybb Merge_system
- Mybb
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Patch, Release Notes, Vendor Advisory)
- cve@mitre.org (mailing-list, x_refsource_MLIST, Patch, Mailing List, Third Party Advisory)
- cve@mitre.org (mailing-list, x_refsource_MLIST, Patch, Mailing List, Third Party Advisory)
- cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
Frequently asked questions
- What is CVE-2016-9415?
- CVE-2016-9415 is a high-severity vulnerability in Microsoft Windows, classified under Improper Access Control. CVSS score: 7.5/10. Published 2017-01-31.
- How severe is CVE-2016-9415?
- High severity. CVSS v3 base score is 7.5 out of 10.